Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
96,396 Commits 606 Branches 0 Tags 3.1 GiB
Commit Graph

82 Commits

Author SHA1 Message Date
kleink ac4fd59f8c `Normalize' the pid file contents to "<pid><newline>", just like 
pidfile(3) does; patch sent to Darren a while ago.
 2002-04-17 12:06:23 +00:00
wiz 7cb50ab7ee Spelling fixes and grammar improvements. 2002-04-14 14:35:05 +00:00
martin a3f3f844dc Document the mssclamp option. 2002-04-14 07:53:46 +00:00
thorpej 082e0b796d Add the __unused__ attribute to rcsid[]/sccsid[]. Need to talk 
to Darren about this more, but this gets it to compile with gcc 3.2.
 2002-04-09 02:32:51 +00:00
martti 3c53e00e43 Don't remove ip_h323_pxy.c 2002-04-03 09:32:06 +00:00
jdolecek 1414ac04e0 remove stuff not related to NetBSD 2002-04-01 15:58:08 +00:00
jdolecek aa2f829ddf remove the 'mv ipnat.1 ipnat.8', the distribution comes with ipnat.8 nowadays 
add back ip_h323_pxy.c - upon closer examination, the licence seems to be okay
 2002-04-01 15:56:51 +00:00
martin 58d564bc8c Add MSS clamping to the IP Filter NAT subsystem. 
Configured by a new option "mssclamp" in NAT rules, like:

 map pppoe0 192.168.1.0/24 -> 0/32 mssclamp 1452

This is based on work by Xiaodan Tang <xtang@qnx.com>.
 2002-03-14 21:46:54 +00:00
martti 83b3487b70 Upgraded IPFilter to 3.4.25 2002-03-14 12:32:36 +00:00
martti a79df224af Import IPFilter 3.4.25 2002-03-14 12:30:07 +00:00
martti 27df1070c7 Don't import ip_h323_pxy.c (license issues) 2002-03-14 08:07:06 +00:00
sommerfeld 3e18fc136f More ipip references 2002-03-04 15:15:39 +00:00
martti c6a4a9d33a Fixed Darren's original IPv6 icmp-type patch (rev 1.8) to display 
better error messages if the user tries to use symbolic names such
as "echo" and "echorep" in "ipv6-icmp ... icmp-type ..." rules.

Consider the following rules:

  # cat /etc/ipf6.conf
  pass in quick proto ipv6-icmp from any to any icmp-type 128
  pass in quick proto ipv6-icmp from any to any icmp-type echo

Use of symbolic names give now the following error:

  # ipf -Fa -6f /etc/ipf6.conf
  2: Unknown ICMPv6 type (echo) specified (use numeric value instead)

The first rule with numeric value will work as expected:

  # ipfstat -6hi
  0 pass in quick proto ipv6-icmp from any to any icmp-type 128

NOTE: You MUST use numerical values for ICMPv6 types. See
      /sys/netinet/icmp6.h for available codes!
 2002-02-04 19:07:47 +00:00
martti 6ffd37ccd1 Back out version 1.8 as it fixes the display BUT breaks the icmp-type rules: 
ROOT localhost:~> /etc/rc.d/ipfilter reload
  Reloading ipfilter rules.
  22: Invalid icmp-type (echo) specified

With version 1.7 everything works just fine:

  ROOT localhost:~> /etc/rc.d/ipfilter reload
  Reloading ipfilter rules.
  Set 1 now inactive
 2002-02-04 12:00:52 +00:00
martti bfc0fa18e9 Fixed display of "proto ipv6-icmp ... icmp-type ..." rule. Before 
this fix ipfstat reported:

  0 pass in quick proto ipv6-icmp from any to any

while after this fix:

  0 pass in quick proto ipv6-icmp from any to any icmp-type 8

This was just a display bug, the rule worked as expected.
 2002-02-01 11:31:56 +00:00
martin d4e37ff89e Add a missing "else". 2002-01-24 10:40:12 +00:00
martti 5ecddfad8c Fixed return value (I was unable to compile this on sparc64 before 
this fix).
 2002-01-24 08:30:27 +00:00
martti 7421720886 This file is not needed 2002-01-24 08:25:37 +00:00
martti e6acaff1c5 This file is in /sys/netinet 2002-01-24 08:25:21 +00:00
martti a0dddbc807 Manual page fixes regarding IPv6 2002-01-24 08:24:14 +00:00
martti b9920d0f43 Upgraded IPFilter to 3.4.23 2002-01-24 08:21:30 +00:00
martti b0499f9062 Import IPFilter 3.4.23 2002-01-24 08:18:28 +00:00
martti 14b3179d7c Added ip_netbios_pxy.c and ip_ipsec_pxy.c 2002-01-23 11:03:19 +00:00
wiz 1fd7eeefcd "than" instead of "then". 2001-11-21 19:14:19 +00:00
wiz 456dff6cb8 Spell 'occurred' with two 'r's. 2001-09-16 16:34:23 +00:00
wiz e3f8252b49 Xref ipf(8) instead of non-existing ipf(1). 2001-09-09 17:22:59 +00:00
wiz 1288f79bbd Xref curses(3) instead of ncurses(3). 2001-09-09 17:22:39 +00:00
wiz 23fec241fa Change Xref to ipfilter(4) from [not installed] ipfilter(5). 2001-09-03 01:19:05 +00:00
mrg 2a32c938de make this program actually work. 2001-06-07 14:15:39 +00:00
mike 2e4a6df0d4 Change perl location from /usr/local/bin/perl to /usr/pkg/bin/perl. 2001-04-11 19:08:05 +00:00
wiz bc80fa8140 Fix typo. 2001-04-11 09:41:37 +00:00
wiz c73fe2d6a1 protocols(5), not (4). 2001-04-09 12:39:02 +00:00
mike fb2dc295a6 Resolve conflicts. 2001-03-26 06:11:46 +00:00
mike 204c25d632 Import IP Filter 3.4.16 2001-03-26 03:52:19 +00:00
christos 713e855d22 we are NetBSD -- we don't need stinking ncurses. 2001-03-13 16:30:39 +00:00
simonb 85213a5c3e Clean up wording slightly in previous. 2001-01-25 11:59:27 +00:00
itojun 8e11103138 document about ipf interaction with ipsec tunnel, and tunnelling devices. 
(the behavior is netbsd specific)
 2001-01-25 11:16:16 +00:00
hubertf 9934ff5271 Xref ipf.conf(5) 2001-01-07 04:33:47 +00:00
is 890345ee05 Format string cleanups by Bill Sommerfeld. 2000-10-09 14:52:15 +00:00
veego b3d0df91fb Resolve conflicts. 2000-08-09 21:00:39 +00:00
veego dd200b1b9b Import IP Filter 3.4.9 2000-08-09 20:49:40 +00:00
thorpej 6acc606aa4 Update to reflect that you don't need to explicitly do an 
`ipf -E' in order to be able to use NAT.
 2000-08-06 07:05:50 +00:00
veego 5189b64cf6 Resolve conflicts. 2000-06-12 10:43:24 +00:00
veego 8a1de3e633 Import IP Filter 3.4.6 2000-06-12 10:21:51 +00:00
veego c02ef5cc85 Resolve conflicts. 2000-05-23 06:07:42 +00:00
veego 11120ba212 Resolve conflicts. 2000-05-21 18:53:54 +00:00
veego 8fcd61625e Rename ipnat.1 to ipnat.8. 2000-05-21 18:37:27 +00:00
veego ca37c80f5b Resolve conflicts. 2000-05-11 19:54:35 +00:00
veego b358e4a2ae Import IP Filter 3.4.2 2000-05-11 19:49:13 +00:00
veego b3f239a7bf Use unsigned long long and not long long for the change in Rev 1.6 and 
also change the the printf format.
 2000-05-08 13:07:56 +00:00